From: tye1 <tye1@6f19259b-4bc3-4df7-8a09-765794883524>
Date: Thu, 22 Nov 2012 05:07:22 +0000 (+0000)
Subject: Fix issue that RsaPkcs1Verify() may not work in PEI phase.
X-Git-Tag: edk2-stable201903~12876
X-Git-Url: https://git.proxmox.com/?p=mirror_edk2.git;a=commitdiff_plain;h=8c5720b46575489fbf6dc4e0fad47124b817f8b5

Fix issue that RsaPkcs1Verify() may not work in PEI phase.

Signed-off-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Yao Jiewen <jiewen.yao@intel.com>
Reviewed-by: Long Qin <qin.long@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13958 6f19259b-4bc3-4df7-8a09-765794883524
---

diff --git a/CryptoPkg/CryptRuntimeDxe/CryptRuntime.c b/CryptoPkg/CryptRuntimeDxe/CryptRuntime.c
index 75d89648e4..47a92fec65 100644
--- a/CryptoPkg/CryptRuntimeDxe/CryptRuntime.c
+++ b/CryptoPkg/CryptRuntimeDxe/CryptRuntime.c
@@ -205,7 +205,7 @@ RuntimeCryptRsaPkcs1Verify (
   IN  VOID         *RsaContext,
   IN  CONST UINT8  *MessageHash,
   IN  UINTN        HashLength,
-  IN  UINT8        *Signature,
+  IN  CONST UINT8  *Signature,
   IN  UINTN        SigLength
   )
 {
diff --git a/CryptoPkg/CryptRuntimeDxe/CryptRuntime.h b/CryptoPkg/CryptRuntimeDxe/CryptRuntime.h
index 86476450f4..a7d21fd3ff 100644
--- a/CryptoPkg/CryptRuntimeDxe/CryptRuntime.h
+++ b/CryptoPkg/CryptRuntimeDxe/CryptRuntime.h
@@ -179,7 +179,7 @@ RuntimeCryptRsaPkcs1Verify (
   IN  VOID         *RsaContext,
   IN  CONST UINT8  *MessageHash,
   IN  UINTN        HashLength,
-  IN  UINT8        *Signature,
+  IN  CONST UINT8  *Signature,
   IN  UINTN        SigLength
   );
 
diff --git a/CryptoPkg/Include/Library/BaseCryptLib.h b/CryptoPkg/Include/Library/BaseCryptLib.h
index 4564d7be65..504f405396 100644
--- a/CryptoPkg/Include/Library/BaseCryptLib.h
+++ b/CryptoPkg/Include/Library/BaseCryptLib.h
@@ -1498,7 +1498,7 @@ RsaPkcs1Verify (
   IN  VOID         *RsaContext,
   IN  CONST UINT8  *MessageHash,
   IN  UINTN        HashSize,
-  IN  UINT8        *Signature,
+  IN  CONST UINT8  *Signature,
   IN  UINTN        SigSize
   );
 
diff --git a/CryptoPkg/Include/Protocol/RuntimeCrypt.h b/CryptoPkg/Include/Protocol/RuntimeCrypt.h
index bb03a622e9..35fd43cd75 100644
--- a/CryptoPkg/Include/Protocol/RuntimeCrypt.h
+++ b/CryptoPkg/Include/Protocol/RuntimeCrypt.h
@@ -181,7 +181,7 @@ BOOLEAN
   IN  VOID         *RsaContext,
   IN  CONST UINT8  *MessageHash,
   IN  UINTN        HashLength,
-  IN  UINT8        *Signature,
+  IN  CONST UINT8  *Signature,
   IN  UINTN        SigLength
   );
 
diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaBasic.c b/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaBasic.c
index 76754b4a72..cbe3c50fed 100644
--- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaBasic.c
+++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaBasic.c
@@ -285,19 +285,23 @@ RsaPkcs1Verify (
   IN  VOID         *RsaContext,
   IN  CONST UINT8  *MessageHash,
   IN  UINTN        HashSize,
-  IN  UINT8        *Signature,
+  IN  CONST UINT8  *Signature,
   IN  UINTN        SigSize
   )
 {
   INTN     Length;
+  UINT8    *DecryptedSigature;
 
   //
   // Check input parameters.
   //
-  if (RsaContext == NULL || MessageHash == NULL || Signature == NULL || SigSize > INT_MAX) {
+  if (RsaContext == NULL || MessageHash == NULL || Signature == NULL) {
     return FALSE;
   }
 
+  if (SigSize > INT_MAX || SigSize == 0) {
+    return FALSE;
+  }
   
   //
   // Check for unsupported hash size:
@@ -306,14 +310,22 @@ RsaPkcs1Verify (
   if (HashSize != MD5_DIGEST_SIZE && HashSize != SHA1_DIGEST_SIZE && HashSize != SHA256_DIGEST_SIZE) {
     return FALSE;
   }
-  
+
+  //
+  // Prepare buffer to store decrypted signature.
+  //
+  DecryptedSigature = (UINT8 *) malloc (SigSize);
+  if (DecryptedSigature == NULL) {
+    return FALSE;
+  }
+
   //
   // RSA PKCS#1 Signature Decoding using OpenSSL RSA Decryption with Public Key
   //
   Length = RSA_public_decrypt (
              (UINT32) SigSize,
              Signature,
-             Signature,
+             DecryptedSigature,
              RsaContext,
              RSA_PKCS1_PADDING
              );
@@ -324,6 +336,7 @@ RsaPkcs1Verify (
   //       Ignore more strict length checking here.
   //
   if (Length < (INTN) HashSize) {
+    free (DecryptedSigature);
     return FALSE;
   }
 
@@ -337,15 +350,17 @@ RsaPkcs1Verify (
   //       Then Memory Comparing should skip the DER value of the underlying SEQUENCE
   //       type and AlgorithmIdentifier.
   //
-  if (CompareMem (MessageHash, Signature + Length - HashSize, HashSize) == 0) {
+  if (CompareMem (MessageHash, DecryptedSigature + Length - HashSize, HashSize) == 0) {
     //
     // Valid RSA PKCS#1 Signature
     //
+    free (DecryptedSigature);
     return TRUE;
   } else {
     //
     // Failed to verification
     //
+    free (DecryptedSigature);
     return FALSE;
   }
 }
diff --git a/CryptoPkg/Library/BaseCryptLibRuntimeCryptProtocol/RuntimeDxeIpfCryptLib.c b/CryptoPkg/Library/BaseCryptLibRuntimeCryptProtocol/RuntimeDxeIpfCryptLib.c
index 68abc893fd..cd40d16233 100644
--- a/CryptoPkg/Library/BaseCryptLibRuntimeCryptProtocol/RuntimeDxeIpfCryptLib.c
+++ b/CryptoPkg/Library/BaseCryptLibRuntimeCryptProtocol/RuntimeDxeIpfCryptLib.c
@@ -401,7 +401,7 @@ RsaPkcs1Verify (
   IN  VOID         *RsaContext,
   IN  CONST UINT8  *MessageHash,
   IN  UINTN        HashSize,
-  IN  UINT8        *Signature,
+  IN  CONST UINT8  *Signature,
   IN  UINTN        SigSize
   )
 {